New GPLv3 OpenPGP card implementation (on a java card).
pete at heypete.com
Wed Oct 16 12:01:56 CEST 2013
On Wed, Oct 16, 2013 at 11:40 AM, Werner Koch <wk at gnupg.org> wrote:
> On Tue, 15 Oct 2013 11:41, pete at heypete.com said:
>> Also, are there any smartcards out there that would support DSA/ELG
>> keys? All the cards I've seen and used support RSA only.
> You don't want DSA on smartcards - at least not until they are able to
> do deterministic DSA (rfc-6979).
I knew that DSA fails catastrophically with low entropy (where
"catastrophically" = "leaking the private key"), but I would hope that
any DSA-capable smartcard would have a decent hardware RNG built in.
I'm not familiar with RFC 6979. Thanks for the link. It's good to see
people taking that issue into account.
More information about the Gnupg-users